Vulnerabilities > Oracle > Identity Manager > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-19 | CVE-2019-2729 | Improper Access Control vulnerability in Oracle products Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | 9.8 |
| 2018-02-06 | CVE-2017-15095 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. | 9.8 |
| 2017-10-30 | CVE-2017-10151 | Unspecified vulnerability in Oracle Identity Manager Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). | 10.0 |
| 2017-04-24 | CVE-2017-3553 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Rules Engine). | 9.9 |